Regulation and cyber attacks – a perfect storm for SaaS

A confluence of regulation and cyber attacks make the case for cloud based ERP aka SaaS an inevitable requirement.

Keep an eye on the SaaS or software as a service market. If I am right, it’s about to get hot. SaaS has been with us for all of this century and it has often been an approach that smaller companies or departments of larger ones have used to avail themselves of fantastically functional applications they couldn’t afford to purchase any other way.

The recent awful news about a global cyber attack that killed or crippled businesses as diverse as healthcare in the UK, and auto manufacturing at Renault and that continues roiling Asia might in the future be regarded as the tipping point that sent enterprises scurrying to the cloud. To be sure enterprises have been avid users of cloud computing for a long time but the immovable object of enterprise IT has been a company’s ERP system. Availability of good, cheap, secure, ERP in the cloud might be the irresistible force, especially if you add in security and the changes to revenue recognition best practices the accounting boards have mandated.

Beginning on January 1, 2019 you’ll need to conform to new rules for how you recognize revenue for subscriptions. You might not be a subscription business—maybe you just dabble in offering products as services to help garner an additional 10 percent of revenue. Regardless, the new rules apply to you. Ditto if you think you’ll ever want to try. In the U.S. the new rules go by the name of ASC 606, if you are a European business the International Financial Accounting Standards Board or IFRS has your number, in this case it’s IFRS 15.

Tien Tzuo, CEO of Zuora, a subscription invoicing and billing company has had a ringside seat to the situation for many years. Tzuo told me, “For years the rules didn’t make sense. There were no standards for how subscription revenue was recognized which left investors no way to make apples to apples comparisons on how revenue and expenses were being reported.” He summarized saying, “This is Y2K huge and companies aren’t ready. If they are public companies and have to delay or worse, are out of compliance valuations will crumble. That will make them a target for shareholder lawsuits and activist investors.”